<?php
 /**
 * Quick approve
 * 
 * @author: trungdt
 * @since: Feb 9, 2011
 * @version: 1.0
 * 
 * Change logs
 * Feb 9, 2011 - trungdt - First create
 */
 
if (!defined("EXPONENT")) exit("");
    $demand = null;        
    // build localtion
    $loc=null;
    $loc->mod="demandmodule";
    
    if (isset($_POST['id'])) {
        $demand = $db->selectObject('demands', 'id='.intval($_POST['id']));
    } else {
        
    }
    
    //if (exponent_permissions_check("manage",$loc)) {   
    // we can continue if 
    // - this user has administrate or approve demand permission
    // - this user is the owner of this record (post new) 
    if (
    (exponent_permissions_check("administrate",$loc) ||
     exponent_permissions_check("approve_demand",$loc)) && 
     isset($demand->id)
    ) 
    {
      // first, approve for demands
      $now=aboid_getCurrentTime();
      $username=$user->username;
      $sql="UPDATE {$db->prefix}demands 
            SET status=2, publish_date={$now}, 
                unapprove_username =  '{$username}'
            WHERE id = {$demand->id}";
      $db->sql($sql);
      // then approve for witness
      $sql="UPDATE {$db->prefix}witness 
            SET status=2 , publish_date = {$now}, unapprove_username = '{$username}'
            WHERE demand_id = {$demand->id}";
      $db->sql($sql);
      // end 
      //exponent_flow_redirect(SYS_FLOW_ACTION);
      //redirect_to($url);
      echo "OK";
    } else {
        echo SITE_403_HTML;
    }
?>
